Evaluating the Hazardous Failure Rate of majority voting computer architectures by means of Bayesian Network models

Safety-critical control systems are usually based on majority voters. In order to assess the compliance of these architectures with international safety standards, the probability of the occurrence of unsafe events should be evaluated by developing and analyzing proper formal models. In this paper we demonstrate that a Bayesian Network (BN) model can be used to evaluate the Mean Time Between Hazardous Events (MTBHE) of voting architectures. The proposed modeling approach is applied to a “2 out of 2” (“2oo2”) voter consisting of independent computing units. The results obtained from the analysis of the BN model of the “2oo2” voter can be easily extended to evaluate the hazardous failure rate of more complex voting architectures (e.g. Triple Modular Redundant architectures, based on a 2oo3 voting). Within this context, BNs have several advantages over other traditional approaches (e.g. Petri Nets or Markov Chains): the model can be directly derived from the analysis of the flow-chart describing the dynamic of hazardous failures and its evaluation is much more efficient, as BN solving algorithms are non state-based; moreover, sensitivity analyses can be automatically performed by using the available user friendly BN tools . Finally, the proposed BN model is quite general and can be easily adapted and/or extended to suit specific computing architectures and fault models.